We have the Edge

The topology for OCS architecture has changed for R2. We know support three topologies:

Consolidated Edge

Load Balanced Consolidated Edge

Multi-Site Consolidated Edge

Consolidated Edge – in RTM We needed a Public IP address for the outside edge. In R2 we’ve changed that if you are using a single consolidated edge. In this scenario you can NAT the external IP address. This will help with small installations of OCS.

Load Balanced Edge – NATing can’t be done as we have multiple External Edge and the H/W load balancer wouldn’t not which Edge to route traffic to. In this scenario the External Edge will need Public IP Addresses. For most schools this isn’t an issue but a very important distinction.

Finally we have multi-site Consolidated Edge Configuration

We have made significant changes in the design of the edge for A/V which reduce the external edge external firewall ports from 20K to 2. No inbound TCP/UDP port range is required on external firewall. Also the outbound UDP port range is not required. So 3478 and 443 are only ports needed. There are restrictions such as federation with an OCS RTM A/V Edge server. In this scenario the same ports are required as for RTM. This is important if your plans are to federate with other schools.

Reverse Proxy also has more responsibilities in an R2 configuration. If you support external devices the Device Update Service requires a reverse proxy. The reverse proxy must be configured to publish these directories: